-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                    Caldera International, Inc.  Security Advisory

Subject:                Linux: fetchmail IMAP message count vulnerability
Advisory number:        CSSA-2002-027.0
Issue date:             2002 June 17
Cross reference:
______________________________________________________________________________


1. Problem Description

    The fetchmail email client does not check that the number of
    messages reported by an IMAP server fits the fixed-size array it
    keeps for them. A malicious or compromised remote IMAP server can
    therefore report a message count that exceeds the bounds of that
    array and overwrite memory in the client. Because fetchmail
    connects to whatever server the user configures, the attack
    requires only that the client poll a hostile server.


2. Vulnerable Supported Versions

    System                      Package
    ----------------------------------------------------------------------
    OpenLinux 3.1.1 Server      prior to fetchmail-5.8.17-3.i386.rpm
                                prior to fetchmailconf-5.8.17-3.i386.rpm

    OpenLinux 3.1.1 Workstation prior to fetchmail-5.8.17-3.i386.rpm
                                prior to fetchmailconf-5.8.17-3.i386.rpm

    OpenLinux 3.1 Server        prior to fetchmail-5.8.17-3.i386.rpm
                                prior to fetchmailconf-5.8.17-3.i386.rpm

    OpenLinux 3.1 Workstation   prior to fetchmail-5.8.17-3.i386.rpm
                                prior to fetchmailconf-5.8.17-3.i386.rpm


3. Solution

    The proper solution is to install the latest packages. The
    packages are published over plain FTP, so compare the MD5
    checksums listed below against the downloaded files (for example
    with md5sum) before installing them.


4. OpenLinux 3.1.1 Server

    4.1 Package Location

    ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

    4.2 Packages

    fe2a12a46105337465eaade27dcdfd19    fetchmail-5.8.17-3.i386.rpm
    5ee700b144f9888d71760c68af7bdd10    fetchmailconf-5.8.17-3.i386.rpm

    4.3 Installation

    rpm -Fvh fetchmail-5.8.17-3.i386.rpm
    rpm -Fvh fetchmailconf-5.8.17-3.i386.rpm

    4.4 Source Package Location

    ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS

    4.5 Source Packages

    d0baecda18a7f2602fe2b1634463addb    fetchmail-5.8.17-3.src.rpm


5. OpenLinux 3.1.1 Workstation

    5.1 Package Location

    ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

    5.2 Packages

    e53982b3b4bd650aeca7342b155fd150    fetchmail-5.8.17-3.i386.rpm
    66c50c0b2a80a01e5a6b80ee10b999cb    fetchmailconf-5.8.17-3.i386.rpm

    5.3 Installation

    rpm -Fvh fetchmail-5.8.17-3.i386.rpm
    rpm -Fvh fetchmailconf-5.8.17-3.i386.rpm

    5.4 Source Package Location

    ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS

    5.5 Source Packages

    282f59e2897e214270789b9bd12b1ebe    fetchmail-5.8.17-3.src.rpm


6. OpenLinux 3.1 Server

    6.1 Package Location

    ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

    6.2 Packages

    4e1d00de455d83703ef352b6954a26b5    fetchmail-5.8.17-3.i386.rpm
    0d86128975e46e9e739728157e4c8eef    fetchmailconf-5.8.17-3.i386.rpm

    6.3 Installation

    rpm -Fvh fetchmail-5.8.17-3.i386.rpm
    rpm -Fvh fetchmailconf-5.8.17-3.i386.rpm

    6.4 Source Package Location

    ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

    6.5 Source Packages

    94f1a2221da6db44c31f5562a8935b83    fetchmail-5.8.17-3.src.rpm


7. OpenLinux 3.1 Workstation

    7.1 Package Location

    ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

    7.2 Packages

    7b6142d18892c4a4afe6a956f3a8ae51    fetchmail-5.8.17-3.i386.rpm
    6ca58cc1462555b90ff4b5c3a395adb8    fetchmailconf-5.8.17-3.i386.rpm

    7.3 Installation

    rpm -Fvh fetchmail-5.8.17-3.i386.rpm
    rpm -Fvh fetchmailconf-5.8.17-3.i386.rpm

    7.4 Source Package Location

    ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

    7.5 Source Packages

    296fb5b80dbd73aefffad24b3998f33c    fetchmail-5.8.17-3.src.rpm


8. References

    Specific references for this advisory:

    http://tuxedo.org/~esr/fetchmail/NEWS
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0146

    Caldera security resources:

    http://www.caldera.com/support/security/index.html

    This security fix closes Caldera incidents sr865008, fz521068,
    erg712057.


9. Disclaimer

    Caldera International, Inc. is not responsible for the misuse of
    any of the information we provide on this website and/or through
    our security advisories. Our advisories are a service to our
    customers intended to promote secure installation and use of
    Caldera products.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj0OUTAACgkQbluZssSXDTFSMQCgrpA5XuE4o5lKl56xVXqhFBOR
Rs8An0aGIY101Ty/rMLqz4fhk586ocfj
=dHfB
-----END PGP SIGNATURE-----
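The bug class described in section 1 (a server-supplied message count used as the bound of a fixed-size client array) is illustrated below. This is an added example written for this page; it is not fetchmail's code and does not reproduce the actual fetchmail fix. The IMAP response format is the standard untagged "* N EXISTS" reply; the table size MAX_MESSAGES, the function names and the sample responses are assumptions chosen for illustration.

```c
/* Added example (not fetchmail's code): an IMAP server-controlled message
 * count used as an array bound, shown in its vulnerable and hardened forms. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_MESSAGES 4096   /* assumed fixed capacity of the client's per-message table */

/* Parse N from an untagged IMAP "* N EXISTS" line (with or without CRLF).
 * Returns -1 on anything malformed, negative or out of range. The server is
 * untrusted, so every byte it sends is validated before it becomes a number. */
long parse_exists(const char *line)
{
    const char *p = line;
    if (strncmp(p, "* ", 2) != 0)
        return -1;
    p += 2;
    if (*p < '0' || *p > '9')           /* strtol would accept '+', '-' and leading spaces */
        return -1;
    errno = 0;
    char *end;
    long n = strtol(p, &end, 10);
    if (errno == ERANGE || n < 0)       /* overflow of long, or a wrapped negative */
        return -1;
    if (strncmp(end, " EXISTS", 7) != 0)
        return -1;
    end += 7;
    if (*end != '\0' && strcmp(end, "\r\n") != 0)
        return -1;
    return n;
}

/* Vulnerable pattern: the parsed count is used directly as the loop bound over
 * a fixed-size table. A count above MAX_MESSAGES writes past the end of sizes[].
 * Kept only to show the shape of the bug; never called with a hostile count here. */
void record_sizes_unchecked(long count, int sizes[MAX_MESSAGES])
{
    for (long i = 0; i < count; i++)
        sizes[i] = 0;                   /* out-of-bounds write once count > MAX_MESSAGES */
}

/* Hardened form: parse, then bound the count against the table size before it
 * is ever used as an index. Returns the accepted count, or -1 and leaves the
 * table untouched. */
long record_sizes_checked(const char *line, int sizes[MAX_MESSAGES])
{
    long count = parse_exists(line);
    if (count < 0 || count > MAX_MESSAGES)
        return -1;
    for (long i = 0; i < count; i++)
        sizes[i] = 0;
    return count;
}

/* Convenience wrapper over a module-level table. */
long accept_exists(const char *line)
{
    static int table[MAX_MESSAGES];
    return record_sizes_checked(line, table);
}

int main(void)
{
    /* Constructed server responses: one benign, one hostile. */
    const char *benign  = "* 12 EXISTS\r\n";
    const char *hostile = "* 999999999 EXISTS\r\n";
    printf("benign  -> %ld\n", accept_exists(benign));
    printf("hostile -> %ld\n", accept_exists(hostile));
    return 0;
}
```

The check that matters is the comparison against MAX_MESSAGES before the count is used as an index; parsing alone is not enough, since a well-formed but huge number is exactly what a hostile server sends. Rejecting the response (rather than silently clamping it) also makes the condition visible in logs instead of hiding a misbehaving server.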